<?php session_start(); ?>
<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="UTF-8">
	<title>login</title>
</head>
<body>


<?php
include_once('../../libraries/esaydb.class.php');
if($_POST['username'] && $_POST['password']) {
	$name = $_POST['username'];
	$password = md5($_POST['password']);
	$db = new EasyDB();
	$sql = 'SELECT uid,username,status FROM ob_user WHERE username = ? AND password = ?';
	$result  = $db->queryOne($sql, array($name,$password));
	if($result) {
		if($result['status'] == 'no') {
			echo "<script>alert('用户名被禁用');history.go(-1);</script>";
		}
		$_SESSION['uid'] = $result['uid'];
		$_SESSION['username'] = $result['username'];
		echo "<script>alert('登陆成功');window.location.href='../../index.php';</script>";
	}else{
		echo "<script>alert('用户名或密码不正确');history.go(-1);</script>";
	}
}else{
	echo "<script>alert('参数错误');history.go(-1);</script>";
}
?>
</body>
</html>